From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,3a3dffa82925efee X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news1.google.com!news.glorb.com!prodigy.com!atl-c02.usenetserver.com!c03.atl99!c01.usenetserver.com!news.usenetserver.com!elnk-atl-nf1!elnk-nf2-pas!newsfeed.earthlink.net!stamper.news.pas.earthlink.net!newsread1.news.pas.earthlink.net.POSTED!a6202946!not-for-mail From: Jeffrey Carter Organization: jrcarter commercial-at acm [period | full stop] org User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4) Gecko/20030624 X-Accept-Language: en-us, en MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: Advantages References: <2k86nbF18idtrU1@uni-berlin.de> <3p5Ec.13759$Av3.4246@nwrdny01.gnilink.net> In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Message-ID: Date: Fri, 02 Jul 2004 01:31:14 GMT NNTP-Posting-Host: 63.184.105.127 X-Complaints-To: abuse@earthlink.net X-Trace: newsread1.news.pas.earthlink.net 1088731874 63.184.105.127 (Thu, 01 Jul 2004 18:31:14 PDT) NNTP-Posting-Date: Thu, 01 Jul 2004 18:31:14 PDT Xref: g2news1.google.com comp.lang.ada:2040 Date: 2004-07-02T01:31:14+00:00 List-Id: Brian May wrote: > You want to send a message to a hardware device. The requirements > specify that one message should be sent to the device, followed by a > fixed delay, then another message. During this entire period of time, > exclusive access is required to the device, because other threads > could otherwise interfere. > > Lets also assume that sending the message is a blocking function that > will block until either an acknowledgement or error is returned by the > device. > > What is the safest way of implementing this under Ada? > > You could have a protected type emulate a semaphore, but then we are > back to using primitive operations (and related mistakes) that Ada was > meant to avoid. The problem is that protected objects are not general-purposes structures to provide mutual exclusion, as they appear on the surface. Rather, they are specialized to provide mutual exclusion for data. Hence the restrictions against calling potentially blocking operations. This was probably a mistake, but that changes nothing. If you're creating your own language, you can avoid making this mistake. Probably the safest way is the Ada-83 way: use a task. Tasks can block all they want. If the measured overhead of an additional task and a rendezvous exceeds your requirement, Ada has some features that allow a semaphore to be used much more safely than in other languages: A controlled type can be used to automatically seize (during Initialize) and release (during Finalize) a semaphore. This avoids the omission of such calls, especially the "missed path" problem in which there is an exit path (such as due to exceptions) without a release call. The semaphore can be hidden; those who invoke the sequence of operations see them as a single atomic operation. This localizes the places where the semaphore is manipulated, and makes finding errors in its use easier. -- Jeff Carter "I'm a lumberjack and I'm OK." Monty Python's Flying Circus 54